0e5f4b1f56f4dea188d5b512fef4d3fe_JaffaCakes118

General

Target

0e5f4b1f56f4dea188d5b512fef4d3fe_JaffaCakes118
Size

136KB
MD5

0e5f4b1f56f4dea188d5b512fef4d3fe
SHA1

fcdaf7f46b3434cc3609a49d4ecf2b9790dbdb52
SHA256

11fef9760acbe39ab1ebb5a212484b3664005780443ef9905972161beebd1bcb
SHA512

0832e72105f4110742312a622a761b0ebc630be865a6490b1878e342e815e5ea995bf76b28c75c5d2888963271bae091bc136a7c643ddb65151a01a7e62d5a9d
SSDEEP

96:dOSBqidlR00FlsJ1P2WKWOWgQqdt27uH6:ESBq+R7m1SNd47uH6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5f4b1f56f4dea188d5b512fef4d3fe_JaffaCakes118

Files

0e5f4b1f56f4dea188d5b512fef4d3fe_JaffaCakes118
.exe windows:0 windows x86 arch:x86

1b316a75e024bfcd848924dc83fbc1e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
AddConsoleAliasA
BackupRead
BackupSeek
BaseDumpAppcompatCache
BuildCommDCBAndTimeoutsA
CallNamedPipeW
ChangeTimerQueueTimer
CheckNameLegalDOS8Dot3A
CmdBatNotification
CommConfigDialogW
CompareStringW
ConsoleMenuControl
CopyFileW
CreateDirectoryExA
CreateFiber
CreateFileA
CreateJobObjectA
CreateProcessA
CreateSemaphoreA
DebugActiveProcess
DecodeSystemPointer
DeleteAtom
DisableThreadLibraryCalls
DisconnectNamedPipe
EncodeSystemPointer
EnumLanguageGroupLocalesA
EnumSystemGeoID
EnumUILanguagesW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
FatalAppExitW
FatalExit
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
FindActCtxSectionStringA
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileA
FindNextChangeNotification
FindNextFileW
FlushViewOfFile
FoldStringW
FreeConsole
GetAtomNameA
GetCalendarInfoW
GetCompressedFileSizeW
GetConsoleAliasExesLengthW
GetConsoleAliasesA
GetConsoleCommandHistoryW
GetConsoleNlsMode
GetCurrentProcess
GetDiskFreeSpaceW
GetDllDirectoryW
GetDriveTypeA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeThread
GetFileAttributesA
GetFileTime
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetNativeSystemInfo
GetNumaProcessorMap
GetNumberFormatW
GetNumberOfConsoleInputEvents
GetPrivateProfileSectionNamesW
GetProcAddress
GetProcessId
GetSystemWow64DirectoryA
GetTapePosition
GetThreadIOPendingFlag
GetVersionExA
GetVolumeInformationA
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
GlobalAlloc
GlobalGetAtomNameW
GlobalWire
Heap32ListFirst
Heap32ListNext
HeapLock
HeapSize
InitializeCriticalSectionAndSpinCount
InterlockedPopEntrySList
IsBadCodePtr
IsBadHugeReadPtr
IsBadHugeWritePtr
LZInit
LoadLibraryA
LoadLibraryExW
LockFileEx
MapUserPhysicalPages
MapUserPhysicalPagesScatter
Module32FirstW
MoveFileExA
NumaVirtualQueryNode
OpenDataFile
OpenFile
OpenMutexA
OpenMutexW
OpenWaitableTimerW
QueryActCtxW
QueryPerformanceFrequency
ReadConsoleInputW
ReadDirectoryChangesW
RegisterWowBaseHandlers
RemoveDirectoryW
RemoveLocalAlternateComputerNameW
SearchPathW
SetCommBreak
SetConsoleInputExeNameA
SetConsoleInputExeNameW
SetConsoleMaximumWindowSize
SetConsoleNlsMode
SetConsoleNumberOfCommandsA
SetDefaultCommConfigW
SetFileApisToOEM
SetLastConsoleEventActive
SetPriorityClass
SetProcessShutdownParameters
SetSystemPowerState
SetSystemTime
SetTapeParameters
SetThreadPriorityBoost
SignalObjectAndWait
SuspendThread
SwitchToFiber
SystemTimeToTzSpecificLocalTime
TerminateThread
Thread32First
Thread32Next
TransactNamedPipe
VerifyVersionInfoW
VirtualAllocEx
WriteProcessMemory
WriteTapemark
ZombifyActCtx
lstrcpyn

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b316a75e024bfcd848924dc83fbc1e9

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB